[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Oct 13 22:21:09 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6c291d1 by Salvatore Bonaccorso at 2022-10-13T23:20:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1785,17 +1785,17 @@ CVE-2022-42163
 CVE-2022-42162
 	RESERVED
 CVE-2022-42161 (D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command i ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-42160 (D-Link COVR 1200,1202,1203 v1.08 was discovered to contain a command i ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-42159 (D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-42158
 	RESERVED
 CVE-2022-42157
 	RESERVED
 CVE-2022-42156 (D-Link COVR 1200,1203 v1.08 was discovered to contain a command inject ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2022-42155
 	RESERVED
 CVE-2022-42154
@@ -3442,7 +3442,7 @@ CVE-2022-41491
 CVE-2022-41490
 	RESERVED
 CVE-2022-41489 (WAYOS LQ_09 22.03.17V was discovered to contain a Cross-Site Request F ...)
-	TODO: check
+	NOT-FOR-US: WAYOS
 CVE-2022-41488
 	RESERVED
 CVE-2022-41487
@@ -3470,11 +3470,11 @@ CVE-2022-41477
 CVE-2022-41476
 	RESERVED
 CVE-2022-41475 (RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (C ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2022-41474 (RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (C ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2022-41473 (RPCMS v3.0.2 was discovered to contain a reflected cross-site scriptin ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2022-41472
 	RESERVED
 CVE-2022-41471
@@ -8532,7 +8532,7 @@ CVE-2022-39295
 CVE-2022-39294
 	RESERVED
 CVE-2022-39293 (Azure RTOS USBX is a high-performance USB host, device, and on-the-go  ...)
-	TODO: check
+	NOT-FOR-US: Azure RTOS USBX
 CVE-2022-39292 (Slack Morphism is a modern client library for Slack Web/Events API/Soc ...)
 	NOT-FOR-US: Slack Morphism
 CVE-2022-39291 (ZoneMinder is a free, open source Closed-circuit television software a ...)
@@ -9608,7 +9608,7 @@ CVE-2022-38904
 CVE-2022-38903
 	RESERVED
 CVE-2022-38902 (A Cross-site scripting (XSS) vulnerability in the Blog module - add ne ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2022-38901
 	RESERVED
 CVE-2022-38900
@@ -14495,7 +14495,7 @@ CVE-2022-37210
 CVE-2022-37209 (JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do no ...)
 	NOT-FOR-US: JFinal CMS
 CVE-2022-37208 (JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do n ...)
-	TODO: check
+	NOT-FOR-US: JFinal CMS
 CVE-2022-37207 (JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do no ...)
 	NOT-FOR-US: JFinal CMS
 CVE-2022-37206



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6c291d198b674eb1f747257d272515ec2284f7d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6c291d198b674eb1f747257d272515ec2284f7d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221013/ea9f128d/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list